Lucene search
K

8 matches found

Patchstack
Patchstack
added 2017/03/29 12:0 a.m.8 views

WordPress BP Group Documents plugin <= 1.10 Authenticated Document Modification vulnerability

WordPress BP Group Documents plugin Authenticated Document Modification vulnerability exists in the function dopostlogic, in the file /include/templatetags.php. If user has a capability to edit one document, he also can edit all other documents. Solution Update the plugin...

2.4AI score
Exploits0References2Affected Software1
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.13 views

Wordpress BP Group Documents Plugin 1.2.1 - Multiple Vulnerabilities

No description provided by source...

7.1AI score
Exploits0
Packet Storm
Packet Storm
added 2014/03/12 12:0 a.m.20 views

GNUpanel 0.3.5_R4 Cross Site Request Forgery / Cross Site Scripting

Exploit Title :GNUpanel 0.3.5R4 - Multiple Vulnerabilities Vendor Homepage :http://wp.geeklab.com.ar/gl-en/gnupanel/ GNUPanel Version :0.3.5R4 Server :Centos 6.4 Exploit Author :Necmettin COSKUN =@babayarisi Blog :http://www.ncoskun.com http://www.grisapka.org Discovery date :03/11/2014 CVE :N/A...

Exploits0
0day.today
0day.today
added 2014/02/20 12:0 a.m.41 views

Wordpress BP Group Documents Plugin 1.2.1 - Multiple Vulnerabilities

Stored XSS vulnerability in BP Group Documents 1.2.1 Description ================ Stored XSS vulnerability in BP Group Documents 1.2.1 Vulnerability ================ “Display name” and “Description” fields are not escaped, meaning any tags including script tags can be stored in them. Proof of...

6.3AI score
Exploits0
Patchstack
Patchstack
added 2014/02/19 12:0 a.m.7 views

WordPress BP Group Documents Plugin 1.2.1 - Multiple Vulnerabilities

BP Group Documents plugin is prone to multiple vulnerabilities. 1. Stored XSS - “Display name” and “Description” fields are not escaped. It means that any tags can be stored in them. 2. Cross-site request forgery - the fields are vulnerable and an unauthenticated user can logged in user to edit a...

0.7AI score
Exploits0References1Affected Software1
seebug.org
seebug.org
added 2014/02/19 12:0 a.m.31 views

WordPress BP Group Documents多个漏洞

WordPress是一款内容管理系统。 WordPress BP Group Documents“显示名称”和“描述”字段存在存储型跨站脚本漏洞,跨站请求伪造和文件移动漏洞。 0 BP Group Documents 1.2.1 厂商补丁: WordPress ----- WordPress 1.2.2版本以修复此漏洞,建议用户下载使用: http://wordpress.org/plugins/bp-group-documents/ Stored XSS ================ Go to the upload form, select a document to uploa...

7.1AI score
Exploits0
exploitpack
exploitpack
added 2014/02/19 12:0 a.m.16 views

WordPress Plugin BP Group Documents 1.2.1 - Multiple Vulnerabilities

WordPress Plugin BP Group Documents 1.2.1 - Multiple Vulnerabilities Details ================ Software: BP Group Documents Version: 1.2.1 Homepage: http://wordpress.org/plugins/bp-group-documents/ CVSS: 8 High; AV:N/AC:L/Au:S/C:P/I:P/A:C Description ================ Stored XSS vulnerability in BP...

0.1AI score
Exploits0
Exploit DB
Exploit DB
added 2014/02/19 12:0 a.m.21 views

WordPress Plugin BP Group Documents 1.2.1 - Multiple Vulnerabilities

Details ================ Software: BP Group Documents Version: 1.2.1 Homepage: http://wordpress.org/plugins/bp-group-documents/ CVSS: 8 High; AV:N/AC:L/Au:S/C:P/I:P/A:C Description ================ Stored XSS vulnerability in BP Group Documents 1.2.1 Vulnerability ================ “Display name”...

7.4AI score
Exploits0
Rows per page
Query Builder